Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/naYr1QHJvwX-oQtuj2eGvDPFvYM.roa
File: naYr1QHJvwX-oQtuj2eGvDPFvYM.roa (raw, json)
Hash identifier: 6QrnQDP6HbujQycl6u7W4eVnu06DaKVUgR6BY7Wh+40=
Subject key identifier: 9D:A6:2B:D5:01:C9:BF:05:FE:A1:0B:6E:8F:67:86:BC:33:C5:BD:83
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B7F9CAC8B61D955EF8D63225EEF57E129
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/naYr1QHJvwX-oQtuj2eGvDPFvYM.roa
Signing time: Mon 30 Oct 2023 08:04:16 +0000
ROA not before: Mon 30 Oct 2023 08:04:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216155
IP address blocks: 89.213.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:9c:ac:8b:61:d9:55:ef:8d:63:22:5e:ef:57:e1:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 30 08:04:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9da62bd501c9bf05fea10b6e8f6786bc33c5bd83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cf:e3:b3:95:25:5a:b8:97:fa:31:5e:db:94:
75:09:c2:ff:a9:0e:8a:38:9d:9d:5c:49:6f:2b:a8:
15:ad:23:fe:b5:b5:f7:72:95:75:cd:c7:06:a2:d2:
48:c6:16:ad:f2:1c:3e:66:fd:28:73:48:c9:e4:9c:
c2:d9:f8:58:1b:d4:d5:49:03:39:dc:fd:10:84:0b:
e9:a4:16:21:a5:2c:59:3d:1a:69:8a:94:b3:cb:a3:
dc:3b:97:8d:04:2a:80:6b:e8:50:0f:d0:44:ab:da:
b7:18:26:56:d1:d3:6e:dd:4d:96:bc:55:1e:48:53:
3e:d8:3d:07:e5:0b:59:b9:f2:63:c1:d4:c2:d8:f3:
68:f5:42:79:9f:5d:33:c6:be:44:d2:33:b4:38:c4:
b3:79:d7:af:dc:7b:39:ae:08:a4:58:e4:10:a0:66:
14:ec:74:5d:0a:3c:73:6e:75:0a:a2:f4:89:8a:30:
b3:ca:29:91:de:7f:35:b1:af:0d:28:f8:ef:f7:eb:
45:50:98:33:53:ed:0b:d2:9c:b5:fa:cc:a1:8e:19:
34:b8:34:43:3d:44:ea:23:ba:e2:9a:03:52:2a:7f:
8d:4d:18:f2:a7:ea:0d:7d:72:38:ef:27:d4:6a:9b:
73:a4:15:bb:9d:c7:97:b3:b1:0e:34:13:7d:b5:77:
a2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A6:2B:D5:01:C9:BF:05:FE:A1:0B:6E:8F:67:86:BC:33:C5:BD:83
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/naYr1QHJvwX-oQtuj2eGvDPFvYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.149.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:fd:ea:fd:ab:b5:2c:c8:33:37:b5:45:1d:30:73:40:ee:21:
7f:11:66:5f:d7:7f:7a:28:1d:f9:e0:f2:c3:72:bd:96:18:c2:
76:81:91:a4:f0:4f:d3:f9:97:b6:d6:ec:f0:73:6d:4f:bb:ff:
3e:3d:87:20:ce:12:29:8e:e0:49:06:55:8c:af:cd:53:1e:b7:
0a:73:43:7f:5b:8f:0c:94:77:e9:fb:5f:d0:f7:e6:e2:76:ac:
8f:23:62:7f:26:82:48:b7:bd:53:41:50:f8:84:fc:5b:0f:1c:
36:e6:1d:31:dd:de:8d:6e:43:7e:a4:1a:bf:50:82:12:77:69:
50:1e:02:f7:02:4c:a6:07:22:62:2b:c1:7d:53:f3:95:ee:ec:
d0:ed:07:75:b9:f6:d6:76:ed:de:fb:0b:f5:31:ad:dd:44:a8:
b7:b2:f1:89:1c:39:79:00:e5:42:05:80:01:38:27:e4:97:16:
d8:d4:8a:c6:66:bf:43:7c:87:4e:dc:16:eb:9a:f7:1b:ea:90:
78:e7:c6:9c:88:be:7f:a2:56:a3:0f:d0:19:52:85:26:aa:34:
75:49:df:60:98:1f:09:8d:a6:33:97:0b:97:55:00:56:e3:d1:
b8:4a:7f:12:26:f6:7c:f2:01:ad:2b:d2:47:2c:82:51:83:b7:
9c:74:aa:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt/nKyLYdlV741jIl7vV+EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDMwMDgwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE2MmJkNTAxYzliZjA1ZmVhMTBiNmU4ZjY3ODZiYzMzYzViZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM/js5UlWriX+jFe25R1CcL/qQ6K
OJ2dXElvK6gVrSP+tbX3cpV1zccGotJIxhat8hw+Zv0oc0jJ5JzC2fhYG9TVSQM5
3P0QhAvppBYhpSxZPRppipSzy6PcO5eNBCqAa+hQD9BEq9q3GCZW0dNu3U2WvFUe
SFM+2D0H5QtZufJjwdTC2PNo9UJ5n10zxr5E0jO0OMSzedev3Hs5rgikWOQQoGYU
7HRdCjxzbnUKovSJijCzyimR3n81sa8NKPjv9+tFUJgzU+0L0py1+syhjhk0uDRD
PUTqI7rimgNSKn+NTRjyp+oNfXI47yfUaptzpBW7nceXs7EONBN9tXeiXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2mK9UByb8F/qELbo9nhrwzxb2DMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbmFZcjFRSEp2d1gtb1F0dWoyZUd2RFBGdllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWVMA0G
CSqGSIb3DQEBCwUAA4IBAQAe/er9q7UsyDM3tUUdMHNA7iF/EWZf1396KB354PLD
cr2WGMJ2gZGk8E/T+Ze21uzwc21Pu/8+PYcgzhIpjuBJBlWMr81THrcKc0N/W48M
lHfp+1/Q9+bidqyPI2J/JoJIt71TQVD4hPxbDxw25h0x3d6NbkN+pBq/UIISd2lQ
HgL3AkymByJiK8F9U/OV7uzQ7Qd1ufbWdu3e+wv1Ma3dRKi3svGJHDl5AOVCBYAB
OCfklxbY1IrGZr9DfIdO3Bbrmvcb6pB458aciL5/olajD9AZUoUmqjR1Sd9gmB8J
jaYzlwuXVQBW49G4Sn8SJvZ88gGtK9JHLIJRg7ecdKqC
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:05 2025 by rpki-client